.010 Purpose

While Peer-to-Peer (P2P) technologies have many important and legitimate uses, P2P file sharing applications are often used to obtain copyrighted materials (e.g. music, movies, videos, text, etc.) without the permission of the owner or distributor while utilizing a disproportionate amount of network bandwidth and leaving the user's computer vulnerable to computer viruses. Running P2P file sharing applications on university computers also introduces the risk of inadvertently sharing files containing sensitive University Data. The purpose of this policy is to articulate Kansas State University's position on the use of Peer-to-Peer file sharing applications and the unauthorized acquisition or distribution of copyrighted or licensed material.

.020 Scope

This policy applies to all students, faculty and staff, and other individuals using University information technology resources or data.

.030 Effective Date

This policy became effective on November 13, 2009.

.040 Authority

This policy responds to requirements in the Higher Education Opportunity Act of 2008 that universities develop plans to effectively combat the unauthorized distribution of copyrighted materials.

.050 Policy

Use of Peer-to-Peer file sharing applications for the unauthorized acquisition or distribution of copyrighted or licensed material is prohibited on any University computer or University network. Furthermore, P2P file sharing applications commonly used for these illicit purposes may not be installed on any University computer, and technological deterrents will be used to block their use on the University network.

Any violation of this policy may result in the suspension of access to network resources or other appropriate university discipline, up to and including termination of employment and/or expulsion. In addition, the unauthorized acquisition or distribution of copyrighted or licensed material, including unauthorized peer-to-peer file sharing, may subject individuals to civil and criminal liabilities.

Kansas State University will annually inform students of this policy and associated procedures, consistent with the requirements of the Higher Education Opportunity Act of 2008.

.060 Definitions

Digital Millennium Copyright Act (DMCA) - A federal law passed in 1998 that revised copyright law for the digital environment to, among other things, define how alleged copyright infringements are to be handled and establish liability limitations for "online service providers."

Peer-to-Peer (P2P) - A network environment where participants share their resources (such as files, disk storage, or processing power) directly with their peers without having to go through an intermediary network host or server.

University computer - Any computer considered to be the property of Kansas State University.

University network - Any part of K-State's data network physically located on the Manhattan or Salina campus. This includes devices on the network assigned any routable and non-routable IP addresses, typically 129.130.X.X or 10.X.X.X, respectively, and applies to K-State's wireless network and the network serving K-State's student residence halls and Jardine Apartments.

.070 Roles and Responsibilities

Chief Information Security Officer (CISO) - the CISO will determine the set of prohibited P2P file sharing applications, with input from K-State's Security Incident Response Team. The CISO is also responsible for technology-based deterrents used to enforce this policy.

Office of Student Life - is responsible for notifying students about this policy at the beginning of every fall semester.

.080 Implementing Procedures

The Chief Information Security Officer will maintain and publish a list of P2P file sharing applications that are commonly used for unauthorized acquisition or distribution of copyrighted or licensed material. Examples include but are not limited to Ares, BitTorrent, eDonkey (aka eMule), and Gnutella (aka LimeWire). These applications cannot be installed on University computers and will be blocked on the network using appropriate technology-based deterrents.

A University web site http://SecureIT.k-state.edu/filesharing.html will provide information about alternatives to illegal file sharing and about K-State's program to combat unauthorized acquisition or distribution of copyrighted or licensed material.

.100 Questions/Waivers

The Chief Information Officer (CIO) is responsible for this policy. The CIO or designee must approve any exception to this policy. Questions relating to this policy should be directed to K-State's designated copyright agent (see http://www.k-state.edu/copyright.html). Questions about the list of prohibited P2P file sharing applications should be directed to the Chief Information Security Officer.